<?php
/*
 * Copyright notice
 * 
 * (c) 2009 MH-Dev.de, Martin Hesse <info@mh-dev.de>
 * 
 * This script is part of the MH-Dev.-Board project. The MH-Dev.-Board 
 * is free software; you can redistribute it and/or modify it under the 
 * terms of the GNU General Public License as published by 
 * the Free Software Foundation; either version 3 of the License, 
 * or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful, 
 * but WITHOUT ANY WARRANTY; without even the implied warranty 
 * of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
 * See the GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU 
 * General Public License along with this program; if not, 
 * see http://www.gnu.org/licenses/.
 */


/**
 * ACL Plugin
 * 
 * Checks access levels and permissions
 *
 * @author	Martin Hesse <info@mh-dev.de>
 * @package	MH-Dev.-Board
 */
class MHDEV_Plugin_Acl extends Zend_Controller_Plugin_Abstract 
{
	protected $auth;
	protected $acl;

	/*
	 * Constructor
	 * 
	 * @param object Zend_Auth
	 * @param object Zend_Acl
	 * 
	 * return void
	 */
	public function __construct(Zend_Auth $auth, Zend_Acl $acl) 
	{
		$this->auth 	= $auth;
		$this->acl 		= $acl;
		$this->config	= Zend_Registry::get('config');
	}
	
	
	
	/*
	 * preDispatch Process
	 * 
	 * @param object Zend_Controller_Request_Abstract
	 * 
	 * @return void
	 */
	public function preDispatch(Zend_Controller_Request_Abstract $request)
	{
		// helper
		$checkBan	= new MHDEV_View_Helper_IsBanned();
		
		// check if board is installed ...
		if(!Zend_Registry::isRegistered('settings'))
		{
			// if not, redirect to the install controller
			$request->setControllerName('install');
			$request->setActionName('index');
		}
		else
		{
			// next step ... get settings and look if the board is "online"
			$settings = Zend_Registry::get('settings');
			if($settings['is_online'] == 0 AND @$this->auth->getIdentity()->role != 'admin')
			{
				// if not, redirect to the error controller
				$request->setControllerName('error');
				$request->setActionName('offline');
			}
			else
			{
				// get requests
				$module		= $request->getModuleName();
				$controller = $request->getControllerName();
				$action 	= $request->getActionName();
				
				if($module == NULL && $controller == NULL && $action == NULL)
				{
					$module		= 'default';
					$controller	= 'index';
					$action		= 'index';	
				}
				elseif($module == NULL)
				{
					$module		= 'default';
				}
				
				// check permissions ...
				if ($this->auth->hasIdentity())
				{
					$role = $this->auth->getIdentity()->role;
				} 
				else 
				{
					$role = 'guest';
				}
				
				if ($this->acl->has($module . '.')) 
				{
					$resource = $module . '.';
				}
				elseif ($this->acl->has($module . '.' .$controller)) 
				{
					$resource = $module . '.' .$controller;
				}
				else 
				{
					$resource = null;
				}
				
				if (!$this->acl->isAllowed($role, $resource, $action))
				{
					$request->setModuleName('default');
					$request->setControllerName('error');
					$request->setActionName('denied');
				}
				else
				{
					if($module == 'backend')
					{
						// default backend layout
						$layout = Zend_Layout::startMvc(array(
			            	'layoutPath' => $this->config->appPath . '/layouts/backend'
			        	));
			        	
			        	$view	= $layout->getView();
			        	$view->setBasePath($this->config->appPath . '/views/backend');
			        	
			        	$view->addHelperPath('MHDEV/View/Helper/', 'MHDEV_View_Helper_');
			        	
			        	$viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
						$viewRenderer->setView($view);
					}
					else
					{
						// check if user is banned
						if($controller == 'posts' && $this->auth->hasIdentity())
						{
							$thread_uid = $this->_request->getParam('uid', 0);
							
							if($checkBan->IsBanned($this->auth->getIdentity()->uid, $thread_uid))
							{
								$request->setModuleName('default');
								$request->setControllerName('error');
								$request->setActionName('banned');
								$request->setParam('thread_uid', $thread_uid);
							}
						}
						elseif($controller == 'threads' && $this->auth->hasIdentity())
						{
							$board_uid = $this->_request->getParam('uid', 0);
							
							if($checkBan->IsBanned($this->auth->getIdentity()->uid, false, $board_uid))
							{
								$request->setModuleName('default');
								$request->setControllerName('error');
								$request->setActionName('banned');
								$request->setParam('board_uid', $board_uid);
							}
						}
					}
				}
			}
		}
	}
}